<?php
if(!isset($_SESSION)) 
	{ 
		session_start(); 
	}

if(isset($_SESSION['running'])){
	echo "<script>
			alert('Running');
		</script>";
	echo "<script>
		window.close();
		</script>";
}else{
	$_SESSION['running']=1;
include 'operations/connection.php';	
	
$lang=$_REQUEST['lang'];
$company=$_REQUEST['company'];
$idEmployee=$_REQUEST['id_employee'];
$idGroup=$_REQUEST['idgroupapprove'];
$comment=$_REQUEST['comment'];
$id_approvedoc=$_REQUEST['id_approvedoc'];
$co=0;

		
if (empty($lang) || $lang == "EN") {
	$value = "value/value_en.php";
} else if($lang == "VN") {
	$value = "value/value_vn.php";
}
else {
	$value = "value/value_kr.php";
}
include($value);

if($_REQUEST["action"]=="approve"){
	
	$db=mysql_query("SELECT l.IDStatus,a.IDStatus as trangthai FROM listapprove l,approvedoc a WHERE l.IDEmployee ='$idEmployee'  AND l.IDGroupApprove = '$idGroup' AND a.IDGroupApprove=l.IDGroupApprove;");
	while ($r=mysql_fetch_array($db)){
		$co=1;
		if($r[trangthai]!=6){
			if($r[IDStatus]==2){
			
				mysql_query("UPDATE listapprove SET IDStatus=1,DateApprove=NOW(),Description='$comment'
								 WHERE IDEmployee=$idEmployee
								 AND IDGroupApprove = $idGroup");
					
				mysql_query("UPDATE list_reference SET id_status='2'
								 WHERE id_manager=$idEmployee
								 AND id_group = $idGroup");
				
				$id = 0;
				$query = mysql_query("SELECT l.Order FROM listapprove l  WHERE l.IDEmployee ='$idEmployee'  AND l.IDGroupApprove = '$idGroup';");
				while ($row = mysql_fetch_array($query)){
					$id = $row[Order];
				}
				$id=$id+1;
				$pending = 0;
				$query = mysql_query("SELECT listapprove.IDStatus FROM listapprove,approvedoc
						 	WHERE listapprove.IDGroupApprove = approvedoc.IDGroupApprove
							AND listapprove.IDGroupApprove = $idGroup");
				while ($row = mysql_fetch_array($query)) {
					if ($row[IDStatus] == 4)
						$pending++;
				}
				if ($pending == 0) {
					mysql_query("UPDATE approvedoc SET IDStatus=1 WHERE IDGroupApprove = $idGroup");
					mysql_query("UPDATE approvedoc SET TimeApprove = NOW() WHERE IDGroupApprove=$idGroup");	
				} else {
					mysql_query("UPDATE listapprove SET IDStatus=2 WHERE listapprove.IDGroupApprove=$idGroup
					AND listapprove.Order=$id");
					
				}
				$idapprovedoc="none";
				$employee_id = "none";
				$db=mysql_query("SELECT a.IDApproveDoc,l.IDEmployee 
								 FROM listapprove l,approvedoc a 
								 WHERE l.IDGroupApprove=a.IDGroupApprove AND l.IDGroupApprove='$idGroup' AND l.IDStatus=2;");
				
				while ($row = mysql_fetch_array($db))
	            {
	                  $idapprovedoc = $row[IDApproveDoc];
	                  $employee_id = $row[IDEmployee];
	            }
				// send mail
				//set POST variables
				$addressbrowser = $_SERVER['SERVER_NAME'];
				$temp = explode(".", $addressbrowser);
				$lang=$_SESSION['lang'];
				if($lang==''){
					$lang='EN';
					$_SESSION['lang']="EN";
				}
				
				$url = 'http://175.126.145.85/mail/index.php';
				$fields = array(
										'idgroupapprove' => urlencode($idGroup),
										'id_approvedoc' => urlencode($idapprovedoc),
										'id_employee' => urlencode($employee_id),
										'company' => urlencode($temp[0]),
										'lang' => urlencode($lang),
										'co' => 1,
										'id_employee_last' => urlencode($idEmployee)
								);
	
				//url-ify the data for the POST
				foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
				rtrim($fields_string, '&');
				
				//open connection
				$ch = curl_init();
				
				//set the url, number of POST vars, POST data
				curl_setopt($ch,CURLOPT_URL, $url);
				curl_setopt($ch,CURLOPT_POST, count($fields));
				curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
				
				//execute post
				$result = curl_exec($ch);
				
				//close connection
				curl_close($ch);
				
				echo "<script>
						alert('".$l_thongbao1."');
					</script>";
			}else if($r[IDStatus]==3){
				echo "<script>
						alert('".$l_thongbao2."');
					</script>";
			}else if($r[IDStatus]==1){
				echo "<script>
						alert('".$l_thongbao3."');
					</script>";
			}
		}
	}
}
if($_REQUEST["action"]=="reject"){
	$db=mysql_query("SELECT l.IDStatus,a.IDStatus as trangthai FROM listapprove l,approvedoc a WHERE l.IDEmployee ='$idEmployee'  AND l.IDGroupApprove = '$idGroup' AND a.IDGroupApprove=l.IDGroupApprove;;");
	while ($r=mysql_fetch_array($db)){
		$co=1;
		if($r[trangthai]!=6){
			if($r[IDStatus]==2){
				mysql_query("UPDATE listapprove SET IDStatus=3,DateApprove=NOW(),Description='$comment' 
									WHERE IDEmployee = $idEmployee
									AND IDGroupApprove = $idGroup");
				mysql_query("UPDATE list_reference SET id_status='2'
								 WHERE id_manager=$idEmployee
								 AND id_group = $idGroup");
				mysql_query("UPDATE approvedoc SET IDStatus=3 WHERE IDGroupApprove = $idGroup");
				mysql_query("UPDATE approvedoc SET TimeApprove = NOW() WHERE IDGroupApprove=$idGroup");		
				echo "<script>
						alert('".$l_thongbao4."');
					</script>";
			}else if($r[IDStatus]==3){
				echo "<script>
						alert('".$l_thongbao2."');
					</script>";
			}else if($r[IDStatus]==1){
				echo "<script>
						alert('".$l_thongbao3."');
					</script>";
			}
		}
	}
	
}
if($co==0){
		echo "<script>
						alert('".$l_thongbao5."');
					</script>";
	}
	echo "<script>
		window.close();
		</script>";
	session_unregister('running');
}
?>